Author: markt Date: Mon May 9 12:32:49 2011 New Revision: 1100988 URL: http://svn.apache.org/viewvc?rev=1100988&view=rev Log: Port RemoteIpValve changes to RemoteIpFilter
Modified: tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java tomcat/trunk/webapps/docs/changelog.xml tomcat/trunk/webapps/docs/config/filter.xml Modified: tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java?rev=1100988&r1=1100987&r2=1100988&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java (original) +++ tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java Mon May 9 12:32:49 2011 @@ -454,6 +454,8 @@ public class RemoteIpFilter implements F protected Map<String, List<String>> headers; + protected int localPort; + protected String remoteAddr; protected String remoteHost; @@ -463,9 +465,10 @@ public class RemoteIpFilter implements F protected boolean secure; protected int serverPort; - + public XForwardedRequest(HttpServletRequest request) { super(request); + this.localPort = request.getLocalPort(); this.remoteAddr = request.getRemoteAddr(); this.remoteHost = request.getRemoteHost(); this.scheme = request.getScheme(); @@ -543,6 +546,11 @@ public class RemoteIpFilter implements F } @Override + public int getLocalPort() { + return localPort; + } + + @Override public String getRemoteAddr() { return this.remoteAddr; } @@ -585,6 +593,10 @@ public class RemoteIpFilter implements F } + public void setLocalPort(int localPort) { + this.localPort = localPort; + } + public void setRemoteAddr(String remoteAddr) { this.remoteAddr = remoteAddr; } @@ -626,6 +638,10 @@ public class RemoteIpFilter implements F protected static final String PROTOCOL_HEADER_HTTPS_VALUE_PARAMETER = "protocolHeaderHttpsValue"; + protected static final String PORT_HEADER_PARAMETER = "portHeader"; + + protected static final String CHANGE_LOCAL_PORT_PARAMETER = "changeLocalPort"; + protected static final String PROXIES_HEADER_PARAMETER = "proxiesHeader"; protected static final String REMOTE_IP_HEADER_PARAMETER = "remoteIpHeader"; @@ -688,6 +704,10 @@ public class RemoteIpFilter implements F private String protocolHeaderHttpsValue = "https"; + private String portHeader = null; + + private boolean changeLocalPort = false; + /** * @see #setProxiesHeader(String) */ @@ -780,11 +800,11 @@ public class RemoteIpFilter implements F } else if (protocolHeaderHttpsValue.equalsIgnoreCase(protocolHeaderValue)) { xRequest.setSecure(true); xRequest.setScheme("https"); - xRequest.setServerPort(httpsServerPort); + setPorts(xRequest, httpsServerPort); } else { xRequest.setSecure(false); xRequest.setScheme("http"); - xRequest.setServerPort(httpServerPort); + setPorts(xRequest, httpServerPort); } } @@ -819,6 +839,25 @@ public class RemoteIpFilter implements F } + private void setPorts(XForwardedRequest xrequest, int defaultPort) { + int port = defaultPort; + if (getPortHeader() != null) { + String portHeaderValue = xrequest.getHeader(getPortHeader()); + if (portHeaderValue != null) { + try { + port = Integer.parseInt(portHeaderValue); + } catch (NumberFormatException nfe) { + log.debug("Invalid port value [" + portHeaderValue + + "] provided in header [" + getPortHeader() + "]"); + } + } + } + xrequest.setServerPort(port); + if (isChangeLocalPort()) { + xrequest.setLocalPort(port); + } + } + /** * Wrap the incoming <code>request</code> in a {@link XForwardedRequest} if the http header <code>x-forwareded-for</code> is not empty. */ @@ -831,6 +870,10 @@ public class RemoteIpFilter implements F } } + public boolean isChangeLocalPort() { + return changeLocalPort; + } + public int getHttpsServerPort() { return httpsServerPort; } @@ -843,6 +886,10 @@ public class RemoteIpFilter implements F return protocolHeader; } + public String getPortHeader() { + return portHeader; + } + public String getProtocolHeaderHttpsValue() { return protocolHeaderHttpsValue; } @@ -882,6 +929,14 @@ public class RemoteIpFilter implements F setProtocolHeaderHttpsValue(filterConfig.getInitParameter(PROTOCOL_HEADER_HTTPS_VALUE_PARAMETER)); } + if (filterConfig.getInitParameter(PORT_HEADER_PARAMETER) != null) { + setPortHeader(filterConfig.getInitParameter(PORT_HEADER_PARAMETER)); + } + + if (filterConfig.getInitParameter(CHANGE_LOCAL_PORT_PARAMETER) != null) { + setChangeLocalPort(Boolean.parseBoolean(filterConfig.getInitParameter(CHANGE_LOCAL_PORT_PARAMETER))); + } + if (filterConfig.getInitParameter(PROXIES_HEADER_PARAMETER) != null) { setProxiesHeader(filterConfig.getInitParameter(PROXIES_HEADER_PARAMETER)); } @@ -913,6 +968,21 @@ public class RemoteIpFilter implements F /** * <p> + * If <code>true</code>, the return values for both {@link + * ServletRequest#getLocalPort()} and {@link ServletRequest#getServerPort()} + * wil be modified by this Filter rather than just + * {@link ServletRequest#getServerPort()}. + * </p> + * <p> + * Default value : <code>false</code> + * </p> + */ + public void setChangeLocalPort(boolean changeLocalPort) { + this.changeLocalPort = changeLocalPort; + } + + /** + * <p> * Server Port value if the {@link #protocolHeader} indicates HTTP (i.e. {@link #protocolHeader} is not null and * has a value different of {@link #protocolHeaderHttpsValue}). * </p> @@ -954,6 +1024,20 @@ public class RemoteIpFilter implements F /** * <p> + * Header that holds the incoming port, usally named + * <code>X-Forwarded-Port</code>. If <code>null</code>, + * {@link #httpServerPort} or {@link #httpsServerPort} will be used. + * </p> + * <p> + * Default value : <code>null</code> + * </p> + */ + public void setPortHeader(String portHeader) { + this.portHeader = portHeader; + } + + /** + * <p> * Header that holds the incoming protocol, usally named <code>X-Forwarded-Proto</code>. If <code>null</code>, request.scheme and * request.secure will not be modified. * </p> Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1100988&r1=1100987&r2=1100988&view=diff ============================================================================== --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Mon May 9 12:32:49 2011 @@ -66,10 +66,10 @@ StandardWrapper. (markt) </fix> <add> - Provide additional configuration options for the RemoteIpValve to allow - greater control over the values returned by + Provide additional configuration options for the RemoteIpValve and + RemoteIpFilter to allow greater control over the values returned by ServletRequest#getServerPort() and ServletRequest#getLocalPort() when - using this valve. (markt) + Tomcat is behind a reverse proxy. (markt) </add> </changelog> </subsection> Modified: tomcat/trunk/webapps/docs/config/filter.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/filter.xml?rev=1100988&r1=1100987&r2=1100988&view=diff ============================================================================== --- tomcat/trunk/webapps/docs/config/filter.xml (original) +++ tomcat/trunk/webapps/docs/config/filter.xml Mon May 9 12:32:49 2011 @@ -990,6 +990,12 @@ FINE: Request "/docs/config/manager.html default of <code>null</code> is used.</p> </attribute> + <attribute name="portHeader" required="false"> + <p>Name of the HTTP Header read by this valve that holds the port + used by the client to connect to the proxy. If not specified, the + default of <code>null</code> is used.</p> + </attribute> + <attribute name="protocolHeaderHttpsValue" required="false"> <p>Value of the <strong>protocolHeader</strong> to indicate that it is an HTTPS request. If not specified, the default of <code>https</code> is @@ -997,17 +1003,24 @@ FINE: Request "/docs/config/manager.html </attribute> <attribute name="httpServerPort" required="false"> - <p>Value returned by <code>ServletRequest.getServerPort()</code> - when the <strong>protocolHeader</strong> indicates <code>http</code> - protocol. If not specified, the default of <code>80</code> is - used.</p> + <p>Value returned by <code>ServletRequest.getServerPort()</code> + when the <strong>protocolHeader</strong> indicates <code>http</code> + protocol and no <strong>portHeader</strong> is present. If not + specified, the default of <code>80</code> is used.</p> </attribute> <attribute name="httpsServerPort" required="false"> - <p>Value returned by <code>ServletRequest.getServerPort()</code> - when the <strong>protocolHeader</strong> indicates <code>https</code> - protocol. If not specified, the default of <code>443</code> is - used.</p> + <p>Value returned by <code>ServletRequest.getServerPort()</code> + when the <strong>protocolHeader</strong> indicates <code>https</code> + protocol and no <strong>portHeader</strong> is present. If not + specified, the default of <code>443</code> is used.</p> + </attribute> + + <attribute name="changeLocalPort" required="false"> + <p>If <code>true</code>, the value returned by + <code>ServletRequest.getLocalPort()</code> and + <code>ServletRequest.getServerPort()</code> is modified by the this + filter. If not specified, the default of <code>false</code> is used.</p> </attribute> </attributes> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org